Commit dec57ba3 authored by Xavier Guimard's avatar Xavier Guimard

Move CAS Server options to CTrees (#1183)

parent 679911d4
......@@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
use constant MANAGERSECTION => "manager";
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
use constant APPLYSECTION => "apply";
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaDataNode|torageOptions)|A(?:ppMetaDataNode|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|re(?:moteGlobalStorageOption|loadUrl)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaDataNode|torageOptions)|A(?:ppMetaDataNode|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
our @sessionTypes = ( 'remoteGlobal', 'cas', 'global', 'localSession', 'persistent', 'saml', 'oidc' );
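Review bot: The new `$hashParameters` pattern drops `CAS_proxiedService` but adds no alternative for the hash-valued keys this commit introduces. Its `cas(?:S(?:rvMetaDataNode|torageOptions)|…)` branch matches neither `casSrvMetaDataExportedVars` nor `casSrvMetaDataOptions`, while the `oidc` and `saml` branches list their `…ExportedVars` and `…Options` counterparts. If this pattern decides which configuration keys are treated as hashes (the name suggests so, but the consumer is not visible on this page), a CAS server's proxied-services map and exported variables may not survive a save and reload. The expression looks machine-assembled, so the two names should probably be added in whatever generates it rather than by editing this line.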
......
......@@ -20,8 +20,8 @@ sub defaultValues {
'captcha_mail_enabled' => 1,
'captcha_register_enabled' => 1,
'captcha_size' => 6,
'CAS_authnLevel' => 1,
'casAccessControlPolicy' => 'none',
'casAuthnLevel' => 1,
'checkXSS' => 1,
'confirmFormMethod' => 'post',
'cookieName' => 'lemonldap',
......
......@@ -608,24 +608,6 @@ sub attributes {
'default' => 6,
'type' => 'int'
},
'CAS_authnLevel' => {
'default' => 1,
'type' => 'int'
},
'CAS_CAFile' => {
'type' => 'text'
},
'CAS_gateway' => {
'type' => 'bool'
},
'CAS_proxiedServices' => {
'keyMsgFail' => '__badCasProxyId__',
'keyTest' => qr/^\w+$/,
'type' => 'keyTextContainer'
},
'CAS_renew' => {
'type' => 'bool'
},
'casAccessControlPolicy' => {
'default' => 'none',
'select' => [
......@@ -653,9 +635,36 @@ sub attributes {
'casAttributes' => {
'type' => 'keyTextContainer'
},
'casAuthnLevel' => {
'default' => 1,
'type' => 'int'
},
'casSrvMetaDataExportedVars' => {
'default' => {
'cn' => 'cn',
'mail' => 'mail',
'uid' => 'uid'
},
'keyMsgFail' => '__badVariableName__',
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
'msgFail' => '__badValue__',
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
'type' => 'keyTextContainer'
},
'casSrvMetaDataNodes' => {
'type' => 'casSrvMetaDataNodeContainer'
},
'casSrvMetaDataOptionsGateway' => {
'type' => 'bool'
},
'casSrvMetaDataOptionsProxiedServices' => {
'keyMsgFail' => '__badCasProxyId__',
'keyTest' => qr/^\w+$/,
'type' => 'keyTextContainer'
},
'casSrvMetaDataOptionsRenew' => {
'type' => 'bool'
},
'casSrvMetaDataOptionsUrl' => {
'msgFail' => '__badUrl__',
'test' =>
......
......@@ -2052,20 +2052,28 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
},
# CAS
CAS_authnLevel => {
casAuthnLevel => {
type => 'int',
default => 1,
documentation => 'CAS authentication level',
},
CAS_CAFile => { type => 'text', },
CAS_gateway => { type => 'bool', },
CAS_proxiedServices => {
casSrvMetaDataExportedVars => {
type => 'keyTextContainer',
keyTest => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
keyMsgFail => '__badVariableName__',
test => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
msgFail => '__badValue__',
default => { cn => 'cn', mail => 'mail', uid => 'uid', },
documentation => 'CAS exported variables',
},
casSrvMetaDataOptionsGateway => { type => 'bool', },
casSrvMetaDataOptionsProxiedServices => {
type => 'keyTextContainer',
keyTest => qr/^\w+$/,
keyMsgFail => '__badCasProxyId__',
},
CAS_renew => { type => 'bool', },
casSrvMetaDataOptionsUrl => {
casSrvMetaDataOptionsRenew => { type => 'bool', },
casSrvMetaDataOptionsUrl => {
type => 'text',
test => $url,
msgFail => '__badUrl__',
......@@ -2086,7 +2094,6 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
template => 'casAppMetaDataNode',
},
# PAM
pamAuthnLevel => {
type => 'int',
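Review bot: `CAS_CAFile` is deleted in the first hunk and none of the new `casSrvMetaDataOptions*` keys replaces it, so the manager no longer has a setting for the CA bundle used to verify a CAS server's certificate. `CAS_renew`, `CAS_gateway` and `CAS_proxiedServices` each get a per-server successor, but the CA file does not. The authentication module is not shown here: if it still reads `CAS_CAFile`, stored values become uneditable, and if it does not, the trust store used for the HTTPS call to each server is undocumented. I would add a per-server text option next to `casSrvMetaDataOptionsUrl`, or at least a comment such as `# CAS_CAFile dropped: server certificate is verified against <trust store>`. The same removal appears in the attributes hash, the `casParams` tree nodes and both translation files.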
......
......@@ -215,10 +215,18 @@ sub cTrees {
'oidcRPMetaDataOptionsExtraClaims',
],
casSrvMetaDataNode => [
'casSrvMetaDataOptionsUrl',
],
casAppMetaDataNode => [
{
title => 'casSrvMetaDataOptions',
nodes => [
'casSrvMetaDataOptionsUrl',
'casSrvMetaDataOptionsRenew',
'casSrvMetaDataOptionsGateway',
'casSrvMetaDataOptionsProxiedServices',
]
},
'casSrvMetaDataExportedVars',
],
casAppMetaDataNode => [],
};
}
......
......@@ -121,11 +121,7 @@ sub tree {
{
title => 'casParams',
help => 'authcas.html',
nodes => [
'CAS_authnLevel', 'CAS_CAFile',
'CAS_renew', 'CAS_gateway',
'CAS_proxiedServices'
]
nodes => [ 'casAuthnLevel' ]
},
{
title => 'dbiParams',
......
......@@ -14,9 +14,59 @@ function templates(tpl,key) {
case 'casSrvMetaDataNode':
return [
{
"get" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",
"title" : "casSrvMetaDataOptionsUrl"
"_nodes" : [
{
"get" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",
"title" : "casSrvMetaDataOptionsUrl"
},
{
"get" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",
"title" : "casSrvMetaDataOptionsRenew",
"type" : "bool"
},
{
"get" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",
"title" : "casSrvMetaDataOptionsGateway",
"type" : "bool"
},
{
"cnodes" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",
"title" : "casSrvMetaDataOptionsProxiedServices",
"type" : "keyTextContainer"
}
],
"id" : "casSrvMetaDataOptions",
"title" : "casSrvMetaDataOptions"
},
{
"cnodes" : tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",
"default" : [
{
"data" : "cn",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",
"title" : "cn",
"type" : "keyText"
},
{
"data" : "mail",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",
"title" : "mail",
"type" : "keyText"
},
{
"data" : "uid",
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",
"title" : "uid",
"type" : "keyText"
}
],
"id" : tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",
"title" : "casSrvMetaDataExportedVars",
"type" : "keyTextContainer"
}
]
;
......
......@@ -101,11 +101,7 @@
"captcha_mail_enabled": "Activation in password reset by mail form",
"captcha_register_enabled": "Activation in register form",
"captcha_size": "Size",
"CAS_authnLevel": "Authentication level",
"CAS_CAFile": "CA file",
"CAS_gateway": "Gateway authentication",
"CAS_renew": "Renew authentication",
"CAS_proxiedServices": "Proxied services",
"casAuthnLevel": "Authentication level",
"casAccessControlPolicy": "Access control policy",
"casApp": "CAS Application",
"casAppMetaDataNodes": "CAS Applications",
......@@ -114,6 +110,11 @@
"casAttributes": "CAS exported attributes",
"casParams": "CAS parameters",
"casSrv": "CAS Server",
"casSrvMetaDataExportedVars": "Exported variables",
"casSrvMetaDataOptions": "Options",
"casSrvMetaDataOptionsGateway": "Gateway authentication",
"casSrvMetaDataOptionsRenew": "Renew authentication",
"casSrvMetaDataOptionsProxiedServices": "Proxied services",
"casSrvMetaDataOptionsUrl": "Server URL",
"casSrvMetaDataNodes": "CAS Servers",
"casSrvName": "CAS Server Name",
......
......@@ -101,11 +101,7 @@
"captcha_mail_enabled": "Activation dans le formulaire de réinitialisation par mail",
"captcha_register_enabled": "Activation dans le formulaire de création de compte",
"captcha_size": "Taille",
"CAS_authnLevel": "Niveau d'authentification",
"CAS_CAFile": "Fichier d'AC",
"CAS_gateway": "Authentification transparente",
"CAS_renew": "Renouveller l'authentication",
"CAS_proxiedServices": "Services mandatés",
"casAuthnLevel": "Niveau d'authentification",
"casAccessControlPolicy": "Politique de contrôle d'accès",
"casApp": "Application CAS",
"casAppMetaDataNodes": "Applications CAS",
......@@ -114,6 +110,11 @@
"casAttributes": "Attributs CAS",
"casParams": "Paramètres CAS",
"casSrv": "Serveur CAS",
"casSrvMetaDataExportedVars": "Variables exportées",
"casSrvMetaDataOptions": "Options",
"casSrvMetaDataOptionsGateway": "Authentification transparente",
"casSrvMetaDataOptionsRenew": "Renouveller l'authentication",
"casSrvMetaDataOptionsProxiedServices": "Services mandatés",
"casSrvMetaDataOptionsUrl": "URL du serveur",
"casSrvMetaDataNodes": "Serveurs CAS",
"casSrvName": "Nom du serveur CAS",
......